At a plenary meeting on 7 February 2017, the Article 29 Working Party (WP29) discussed the progress of its guidelines on the GDPR. The WP29 is continuing its work on Data Protection Impact Assessments (DPIAs), Certification and other topics. The DPIA guidelines are expected in April 2017, and the Certification guidelines in June 2017.
In regard to the Privacy Shield, the WP29 has decided that the EU centralised body, in charge of channelling complaints to the Ombudsperson, will be composed by 5 national Data Protection Authorities (DPAs). The WP29 has adopted two sets of template documents serving as complaint forms for submitting commercial related complaints or requests under the Ombudsperson mechanism, and has adopted its rules of procedure.
The WP29 intend to send a letter to the US authorities:
(i) To raise concerns and seek clarification on the impact of Trump’s recent Executive Order on the Shield;
(ii) To request assurances on the way personal data will be dealt with by US authorities regarding complaints under the Shield, and
(iii) To provide answers to questions from the US authorities on the functioning of the centralised body.
The WP29 also intend to issue an Opinion on the draft e-Privacy Regulation, published by the Commission earlier this year, in April 2017.
Press Release: Article 29 Working Party – February 2017 Plenary Meeting